Introduction to Penetration Testing
Disclaimer
Coursalytics is an independent platform to find, compare, and book executive courses. Coursalytics is not endorsed by, sponsored by, or otherwise affiliated with Georgia Tech Professional Education.
Full disclaimer.Description
As businesses become more dependent on interconnected systems for survival, they recognize a need to train their own personnel in assessment, exploitation, and remediation techniques. These “red teams” are becoming vital to organizations by exposing vulnerabilities early, implementing remediation procedures, and continually assessing the effectiveness of security strategies within an ever-changing threat landscape. This lab-based course will provide students with an understanding of the fundamental threat vectors and exploitation techniques used to penetrate systems and networks.
What You Will Learn
- The penetration testing cycle from Recon to Impact Assessment
- Social engineering attacks and impacts
- Tools and techniques used for exploiting vulnerabilities
- Network enumeration and vulnerability assessment
- Exploitation fundamentals and post-exploitation implications
- Web applications assessment
- Basic fuzzing for vulnerabilities
- How to create a culture of security throughout an organization
How You Will Benefit
- Gain understanding of the threat vectors used to penetrate systems and networks.
- Explore both classic and modern attacks and their impacts.
- Gain a deep understanding of the penetration testing process.
- Explore industry standard tools and techniques for exploiting vulnerabilities and assessing impact.
- Work along with instructor in a custom, virtualized, lab-based environment supporting each topic.
Content
PENETRATION TESTING CYCLE
- Research, Recon, Exploitation, Post Exploitation, Impact Assessment
- Explore the synthesis of all aspects of the cycle
VULNERABILITY IDENTIFICATION AND EXPLOITATION
- Network enumeration
- Determine which vectors are most likely to achieve our goals
- Identify appropriate tool set
MODERN ASSESSMENT
- Discuss difference between “clean room” exploitation tutorials and real world pentesting exercises
- Introduce client-side exploitation
POST-EXPLOITATION
- Explore the universe of possibilities after successful compromise
- Credential discovery and reuse
- Lateral movement
FUZZING
- History and road to modern techniques
- Basic techniques for identifying software vulnerabilities
Who should attend
This course is designed for information security personnel tasked with the defense of critical systems, networks, and infrastructure, as well as system administrators, advanced programmers, web developers, and database administrators.